Since the advances in computer technology have made the electronic computer and associated information networks highly efficient tools for business, government and home, the problem of unauthorized access to a host computer has been widely recognized along with the resulting problems of altered accounts and fraudulent transactions. As public access to host computers has become easier through public communication networks, the problems have increased. As greater use is made of information networks, the problem becomes more important.
To combat these problems, the conventional and traditional use of passwords provides a first level of security. In such a security system, a password is stored in the host computer sometimes in association with an identity designation for a remote user, such as the user's name. The user, sometimes after communicating his or her identity designation to the host computer, is challenged to provide the appropriate password. Communication of the correct password from the remote user to the host computer initiates access to the host computer.
The problem with password security is that its effectiveness is minimal because passwords can easily be stolen by others by electronic or visual eavesdropping, or in some cases, by reading a record of the communications between the remote user and the host computer. Further, the fact that a password has been "stolen" is not apparent to the legitimate, authorized users because a password is not a physical item, but rather a piece of "knowledge" that can easily be replicated by unauthorized system users.
Additional security has been sought by the implementation of extensive log-on procedures in some electronic information systems. These procedures must be known to the user and followed in logging onto the system or else access is denied. For limited access computer systems, such as those confined to a single building or company, these procedures can be justified and users can be accordingly trained. However, such systems are generally unsatisfactory in systems with large numbers of users because they are necessarily complicated in order to be effective. Therefore, they could be expected to meet with customer resistance because such cumbersome log-on procedures are to difficult, time consuming and distracting for the ordinary computer user.
In an attempt to overcome these problems, some systems have been devised to read the biometric traits of the individual remote user, such as by detecting a voice print, fingerprint, signature or the frequency response characteristics for a portion of the human body. Such systems have the advantage that they are dependent upon physiological characteristics which are conveniently mobile with the remote user so that the user is not regional to remember any security passwords. Further, such systems are not complicated for the user and additionally, depend upon characteristics which are personal to the user and cannot be "stolen". The problem with such systems, however, is that the apparatus needed for detecting such biometric traits is expensive, needs special connection to the remote terminal, and is not conveniently portable.
Prior art workers have also devised small, portable, hand-held computers which are programmed to perform an authentication algorithm in response to alphanumeric data which is keyed into the device. The algorithm is a function of the particular code which is stored in each such portable device when it is manufactured. Such currently known prior art devices, however, must each be custom initialized at a centralized location. This can occur during the manufacturing process by the storage of a different code or number into each unit, or at the issuing site for the application.
The problem with such a system is not only the added cost of centralized initialization for each device but, more importantly, such a system provides a substantial opportunity for a breach of security during the initialization. In particular, such a system provides an opportunity for persons involved in the initialization process to eavesdrop and breach system security. It affords an opportunity for them to learn particular codes or numbers and, in conjunction with the authentication algorithm, they are then able to emulate the characteristics of any initialized device. Furthermore, such a system affords them the opportunity to surreptitiously initialize second or multiple devices with identical codes so that each would perform the algorithm in the identical manner as an authorized device. It could be used to simulate the actions and responses of an authorized remote user.
Still others have proposed authenticating devices which are directly coupled through special hardware at the remote terminal so that they may be interrogated by the host computer to which the remote user is seeking access. However, such a system is unsatisfactory because it requires the special coupling device at additional cost and complexity, and can only be installed at a single remote terminal. It therefore cannot easily support typical users of electronic information services who wish to be granted access to the network from a wide range of remote terminals at various geographical locations.